Commit: 4e78a59b078e150be6afee0d674c557d289b6ff0
Author: Dave McCowan <email address hidden>
Date: Tue Mar 10 10:25:11 2015
Websocket Proxy should verify Origin header
From: Dave McCowan <email address hidden>
Date: Tue, 24 Feb 2015 21:35:48 -0500
Subject: [PATCH] Websocket Proxy should verify Origin header
If the Origin HTTP header passed in the WebSocket handshake does
not match the host, this could indicate an attempt at a
cross-site attack. This commit adds a check to verify
the origin matches the host.
Reviewed: https:/ /review. fuel-infra. org/4380 ci/fuel- 5.1.1-updates/ 2014.1. 1
Submitter: Vitaly Sedelnik <email address hidden>
Branch: openstack-
Commit: 4e78a59b078e150 be6afee0d674c55 7d289b6ff0
Author: Dave McCowan <email address hidden>
Date: Tue Mar 10 10:25:11 2015
Websocket Proxy should verify Origin header
From: Dave McCowan <email address hidden>
Date: Tue, 24 Feb 2015 21:35:48 -0500
Subject: [PATCH] Websocket Proxy should verify Origin header
If the Origin HTTP header passed in the WebSocket handshake does
not match the host, this could indicate an attempt at a
cross-site attack. This commit adds a check to verify
the origin matches the host.
Change-Id: I16c3700828bf39 1a37abbab4b6daa b8ce9b0d791
Closes-Bug: #1420273